17d45a6d30
- Added `FilesystemPackRunProvenanceWriter` to write provenance manifests to the filesystem. - Introduced `MongoPackRunArtifactReader` to read artifacts from MongoDB. - Created `MongoPackRunProvenanceWriter` to store provenance manifests in MongoDB. - Developed unit tests for filesystem and MongoDB provenance writers. - Established `ITimelineEventStore` and `ITimelineIngestionService` interfaces for timeline event handling. - Implemented `TimelineIngestionService` to validate and persist timeline events with hashing. - Created PostgreSQL schema and migration scripts for timeline indexing. - Added dependency injection support for timeline indexer services. - Developed tests for timeline ingestion and schema validation.
StellaOps Excititor
Excititor converts heterogeneous VEX feeds into raw observations and linksets that honour the Aggregation-Only Contract.
Latest updates (2025-11-30)
- Sprint tracker
docs/implplan/SPRINT_0333_0001_0001_docs_modules_excititor.mdand moduleTASKS.mdadded to mirror status. - Observability/runbook assets remain in
operations/observability.mdandobservability/(timeline, locker manifests); dashboards stay offline-import friendly. - Prior updates (2025-11-05): Link-Not-Merge readiness and consensus beta note (
../../updates/2025-11-05-excitor-consensus-beta.md), observability guide additions, DSSE packaging guidance, and Policy/CLI follow-ups tracked in SPRINT_200. - Link-Not-Merge readiness: release note Excitor consensus beta captures how Excititor feeds power the Excititor consensus beta (sample payload in consensus JSON).
- Added observability guide describing the evidence metrics emitted by
EXCITITOR-AIAI-31-003(request counters, statement histogram, signature status, guard violations) so Ops/Lens can alert on misuse. - README now points policy/UI teams to the upcoming consensus integration work.
- DSSE packaging for consensus bundles and Export Center hooks are documented in the beta release note; operators mirroring Excititor exports must verify detached JWS artefacts (
bundle.json.jws) alongside each bundle. - Follow-ups called out in the release note (Policy weighting knobs
POLICY-ENGINE-30-101, CLI verbCLI-VEX-30-002) remain in-flight and are tracked in/docs/implplan/SPRINT_200_documentation_process.md.
Release references
- Consensus beta payload reference: docs/vex/consensus-json.md
- Export Center offline packaging: docs/modules/export-center/devportal-offline.md
- Historical release log: docs/updates/
Responsibilities
- Fetch OpenVEX/CSAF/CycloneDX statements via restart-only connectors.
- Store immutable VEX observations with full provenance.
- Publish linksets and events that drive policy suppression decisions.
- Provide deterministic exports for Offline Kit and downstream tooling.
Key components
StellaOps.Excititor.WebServicescheduler/API host.- Connector libraries under
StellaOps.Excititor.Connector.*. - Normalization helpers and exporters in
StellaOps.Excititor.*.
Integrations & dependencies
- Policy Engine for evidence queries.
- UI/CLI for conflict visibility and explanation.
- Notify for VEX-driven alerts.
Operational notes
- MongoDB for observation storage and job metadata.
- Offline kit packaging aligned with Concelier merges.
- Connector-specific runbooks (see
docs/modules/concelier/operations/connectors). - Ubuntu CSAF provenance knobs:
operations/ubuntu-csaf.mdcaptures TrustWeight/Tier, cosign, and fingerprint configuration for the sprint 120 enrichment.
Backlog references
- DOCS-LNM-22-006 / DOCS-LNM-22-007 (shared with Concelier).
- CLI-EXC-25-001..002 follow-up for CLI parity.
Epic alignment
- Epic 1 – AOC enforcement: maintain immutable VEX observations, provenance, and AOC verifier coverage.
- Epic 7 – VEX Consensus Lens: supply trustworthy raw inputs, trust metadata, and consensus hooks for the lens computations.
- Epic 8 – Advisory AI: expose citation-ready VEX payloads for the advisory assistant pipeline.